Fingerprinting CakePHP applications with Nmap
by Mon, May 30 2011 07:17:00on
I commited a new Nmap NSE script called 'http-cakephp-version' that identifies the version of CakePHP applications.
./nmap --script http-cakephp-version <host/ip>
$ ./nmap --script http-cakephp-version -p80 -v calderonpale.com Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-05-30 03:08 PDT NSE: Loaded 1 scripts for scanning. Initiating Ping Scan at 03:08 Scanning calderonpale.com (220.127.116.11) [2 ports] Completed Ping Scan at 03:08, 0.34s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 03:08 Completed Parallel DNS resolution of 1 host. at 03:08, 13.00s elapsed Initiating Connect Scan at 03:08 Scanning calderonpale.com (18.104.22.168) [1 port] Discovered open port 80/tcp on 22.214.171.124 Completed Connect Scan at 03:08, 0.38s elapsed (1 total ports) NSE: Script scanning 126.96.36.199. Initiating NSE at 03:08 Completed NSE at 03:08, 4.63s elapsed Nmap scan report for calderonpale.com (188.8.131.52) Host is up (0.35s latency). PORT STATE SERVICE 80/tcp open http | http-cakephp-version: Version of codebase: 1.3.x | Version of icons: 1.3.x |_Default stylesheet has an unknown hash: 2c2393fa72edd21a1dc2c4f665316dde Read data files from: /home/cldrn/projects/nmap/src Nmap done: 1 IP address (1 host up) scanned in 18.88 seconds
Update your copy of Nmap to get this and other great scripts available.